Security and Privacy

 

Spring 2016

Prof. Lakshminarayanan Subramanian

Wed 7:10-9:00, CIWW 512

Office Hours: Mon 3:00- 4:00, 715 Broadway, Room 706

 

Overview

 

This is a graduate level course on security and privacy. This class will cover the fundamentals of how to build secure and privacy-aware systems as well as expose students to common vulnerabilities and threats to existing large-scale networks and systems. There's no textbook, you need to read many research papers (with our guidance) to learn the latest advances and solutions in security and privacy. This class has no formal prerequisites but students are expected to be familiar with basic undergraduate concepts in operating systems and programming languages.  

 

The goal of this class is to guide students so that they can:

 

This course will have three components:

1.    reading/lecture/discussion of papers (homework questions - 30% weightage)

2.    a series of labs (40% weightage)

3.    exams (30% weightage)

Topics

Some of the topic areas covered in the area of security include: network security, web security, enterprise security, trust and reputation systems, distributed systems security, cryptocurrency, worms and viruses. Topics covered in the area of privacy include: privacy and logic, anonymity, privacy-aware information flow, computing on encrypted data, mobile security and application privacy.

Week 1: Introduction to Attacks and Defenses, Authentication and Passwords

Week 2: Secure Network Identities

Week 3: Trust Networks and Reputation Systems

Week 4: Programming Bugs and Software Threats (Buffer Overflows, Control Hijacking etc.)

Week 5: Privilege Separation, Sandboxing and Capabilities

Week 6: Web Security and Secure Web Applications

Week 7: Spam, Phishing and Worms

Week 8: Bitcoin and Cryptocurrencies

Week 9: Anonymous Communication

Week 10: Computing on Encrypted Data

Week 11: Data Privacy: k-Anonymity and Differential Privacy

Week 12: Cloud Security

Week 13: Mobile Security

Week 14: Final Exam

Labs

The course consists of four programming labs that expose students to various aspects of security and privacy in real-world systems.

The labs will be posted soon.

Week 1 Readings:

Week 2 Readings:

Week 3 Readings:

Week 4 Readings:

Week 5 Readings:

Week 6 Readings:

Week 7 Readings:

Week 8 Readings:

Week 9 Readings:

Week 10 Readings:

Week 11 Readings:

Week 12 Readings:

Week 13 Readings: